Views:

Configure the integration to enable Cisco XDR to search TrendAI Vision One™ for security detections and take action on suspicious observables for faster and more effective incident response and threat investigation.

Procedure

  1. In the TrendAI Vision One™ console, obtain the endpoint URL and authentication token.
    1. Go to Workflow and AutomationThird-Party Integrations.
    2. Locate and click the Cisco XDR card.
    3. Click dddna_summary_detection_copy=GUID-4DE35BE5-57A5-4919-BF9C-5EC95F9CA8FD=1=en-us=Low.png to copy the Endpoint URL.
    4. Click Generate and copy the Authentication token.
  2. Set up the integration on the Cisco XDR platform.
    For more information, see Cisco documentation.
    1. In the Cisco XDR console, add the TrendAI Vision One™ integration.
    2. Use the endpoint URL and authentication token obtained from the TrendAI Vision One™ console to configure the integration.
    Cisco XDR begins accessing data from TrendAI Vision One™, and information appears in Cisco XDR investigation results. Cisco XDR can only access data generated after connecting to TrendAI Vision One™. You might need to allow some time before new investigation results start to appear.